programming
Build security design principles into cyber-physical systems
We are immersed in a cyber-physical world. Information technology is deeply embedded in traditionally non-IT systems, including automobiles, the electric grid and emergency …
Developing a mobile health app? Check which federal laws apply
The Federal Trade Commission has created a new web-based tool for mobile health app developers, which is designed to help the developers understand what federal laws and …
PHP, Python still fail to spot revoked TLS certificates
In 2012, a group of researchers demonstrated that SSL certificate validation is broken in many applications and libraries, and pointed out the root causes for that situation: …
Can poorly designed embedded devices kill?
The industry is not taking safety and security seriously enough, according to the Barr Group, who conducted a survey to better understand the state of safety- and …
Kotlin programming language for JVM and Android reaches version 1.0
Kotlin is an open source programming language for JVM and Android that combines OO and functional features and is focused on interoperability, safety, clarity and tooling …
De-anonymizing code authors by analyzing executable binaries
A group of researchers that have previously proven that it’s possible to de-anonymize programmers by analysing the source code of programs they have created, have now …
86% of PHP-based apps contain at least one XSS vulnerability
Four out of five applications written in PHP, Classic ASP and ColdFusion that were assessed by Veracode failed at least one of the OWASP Top 10. Given the volume of PHP …
High-impact DoS flaw patched in Node.js, update as soon as possible
The Node.js Foundation has pushed out a patch for its eponymous open source, cross-platform runtime environment for developing server-side web applications. The fix plugs two …
Apple’s Swift programming language is now open source
Apple announced that its Swift programming language is now open source. Swift is a powerful and intuitive programming language that gives developers the freedom and …
Researchers get $100k for detecting emerging class of C++ bugs
Facebook has awarded $100,000 to a team of researchers from Georgia Tech for their discovery of a new method for identifying “bad-casting” vulnerabilities that …
79% of companies release apps with known vulnerabilities
The application development process is rampant with security risks due to current business pressures, according to new research released at Black Hat USA 2015 by Prevoty. From …
Commercial code is more compliant to security standards than open source code
A new report details the analysis of nearly 10 billion lines of source code through the Coverity Scan service and usage of the Synopsys Coverity Software Testing Platform.For …
Featured news
Resources
Don't miss
- Building a healthcare cybersecurity strategy that works
- AI-generated images have a problem of credibility, not creativity
- The five-minute guide to OT cyber resilience
- Another remotely exploitable Oracle EBS vulnerability requires your attention (CVE-2025-61884)
- Apple offers $2 million for zero-click exploit chains